Technical Information
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://ad##c.us/169172675482
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://15######.allanalpass.com
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://ad#.ly/4CvyP
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://ad##c.us/169172675483
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://ae###db3.zff.co
- <SYSTEM32>\ping.exe 1.1.1.1 -n 1 -w 60000
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://ad##c.us/169172675431
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\winlogon.bat" "
- <SYSTEM32>\ping.exe 1.1.1.1 -n 1 -w 60000
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://ad#.ly/4CuVT
- <SYSTEM32>\taskkill.exe /F -IM iexplore.exe
- iexplore.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\169172675431[1]
- %TEMP%\1.tmp\winlogon.bat
- 'ad##c.us':80
- 'localhost':1036
- ad##c.us/169172675431
- DNS ASK ad##c.us
- '<Private IP address>':1037
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''